Armis has discovered five critical vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over corporate and network devices without any user interaction. The discovery, dubbed CDPwn, exposes vulnerabilities which could allow an attacker to fully take over switches, routers, IP phones and cameras.
Watch this webinar to learn how an attacker would use CDPwn to exploit these vulnerabilities leading to:
- Breaking of network segmentation
- Data exfiltration of corporate network traffic traversing through an organization's switches and routers
- Gaining access to additional devices by leveraging man-in-the-middle attacks by intercepting and altering traffic on the corporate switch
- Data exfiltration of sensitive information such as phone calls from from devices like IP phones and video feeds from IP cameras